Therefore, you don’t install black boxes onto a Debian or Ubuntu system; you use software repositories that have gone through this source-code audit-then-build process.
Maintainers of operating systems like Debian and Ubuntu use many so-called “upstreams” of source code to build the final product.
Chromium, the open-source version of Google Chrome, had abused its position as trusted upstream to insert lines of source code that this audit-then-build process, and which downloaded and installed a black box of unverifiable executable code directly onto computers, essentially rendering them compromised.
We don’t know and can’t know what this black box does.
This was supposedly to enable the “Ok, Google” behavior – that when you say certain words, a search function is activated. Certainly something that enables eavesdropping of every conversation in the entire room, too. The first was to introduce a practically-undocumented switch to opt out of this behavior, which is not a fix: the default install will still wiretap your room without your consent, unless you opt out, and more importantly, know that you to opt out, which is nowhere a reasonable requirement.
When this happens in a Debian installation, it is not Google Chrome’s behavior, this is Debian Chromium’s behavior. 3) Yes, we deliberately hid this listening module from the users, but that’s because we consider this behavior to be part of the basic Google Chrome experience.